Today’s topic is all about Access List… For Unix and Unix-like system, the usual command to set the file permission is the ‘chmod’ command. However there are instances that we need more flexibility in giving access and control for files and folders. Get it? Access and Control? In this situation, there is a file utility built in Unix called ‘getfacl‘ and ‘setfacl‘.

getfacl is a file utility for viewing the access control list information associated with a file or directory.

For a memory aid, you can think of ‘getfacl’ as “Get File ACL“.. ACL being Access Control List.

Access control lists are extended attributes added to most major file systems in the 2.6 kernel to improve ability to control the access of files. They allow permissions to be set for individual groups and users and not just the owning user, owning group, and all other users.

setfacl is a command that allows you to set the Access Control List information for a file or directory.

Access control lists are extended attributes added to most major file systems in the 2.6 kernel to improve ability to control the access of files. They allow permissions to be set for individual groups and users and not just the owning user, owning group, and all other users.

You can read man pages for both getfacl and setfacl for more information.

getfacl and setfacl example….

Here’s an example of using the basic funtion of getfacl and setfacl

# getfacl

#setfacl

setfacl -m default:user::rwx,default:group::r-x,default:other:r-x,default:mask:rwx /u06/OneSource/datapump_dbdump

setfacl -m default:user:rcodapp1:r-x,default:group:r-x,default:other:—,default:mas:rwx /u06/OneSouce/datapump_dbdump

I just want to share a link for those who are not subscribe to the official Sun Microsystems’ email newletter.. (what?! You’re not subscribed?!)

Anyway, the link will forward you to a form where you need to fill up some personal information (it’s from Sun, so there will be no selling of email or spamming there). Once you’re done with that, go read and study Solaris Virturalization!

Enjoy!

» Download your free copy of Virtualization for Dummies.

Just want to note here steps on how to setup your own custom name server from your registrar. In my case, I had to do it on GoDaddy. But of course there are tons of webpages out there that explains how to do it in different registrar.. on this post I just took the part where they enumerate procedures for GoDaddy.

Read the rest of this entry »

This one is about Solaris Volume Manager and all those meta commands you can think of.. (metadb, metadettach, metattach, metaclear etc)…

Yesterday we had to replace a failed disk that belongs to a mirror. The disk is running in a Sparc Solaris 10 box. It’s a 72GB from Fujitsu

c1t1d0           Soft Errors: 440 Hard Errors: 12 Transport Errors: 124
Vendor: FUJITSU  Product: MAY2073RCSUN72G  Revision: 0501 Serial No: 0711S0935R
Size: 73.40GB <73400057856 bytes>

As you can see from the iostat -En command, the disk is spitting hard errors and must be replaced before it can cause a lot more headache. It’s in c1t1, right.

Here’s what we’re supposed to do:

• we could delete the meta data base that corresponds to the failed disk
• detached the failed disk/slices to the mirror
• clear it
• unconfigure the disk
• replace the disk
• configure the disk
• create new meta device database
• Initialize the disk
• Attached it to mirror
• and sync

Here’s the detailed job:

Read the rest of this entry »

FireFTP is an FTP program that works within the Firefox Web browser. Well, Firefox is not actually a full-pledge program but a Firefox plugin or addon. The best thing about this ftp client is that it’s FREE! (Just like any other open source applications/software).

If you’re not familiar with Firefox, it’s an open source web browser and I suggest you use it right now. Trash that IE and start using Firefox (or Google Chrome – cooler!).

File transfer protocol (FTP) is how we send large files from one computer to another using the Internet — not an e-mail attachment.

Here’s how to install and use FireFTP on Firefox.

Read the rest of this entry »